You, as an ethical hacker, need to be familiar with the various threat actors, which include anybody or anything responsible for a threat. Three broad types of threat actors may be identified.
Difficulty from Within (eg: a rogue employee) Danger From Without (eg: a criminal group) Danger from Nature (eg: hurricane or tsunami)
Vulnerabilities are actively sought by threat actors. The network, server, or application is vulnerable when the threat actor can exploit a known flaw or weakness in the system.
Examples of threat actors
Black hats, grey hats, and white hats are the three main categories of hackers.
Black hat hacker: Hackers that wear black hats have hostile intentions and break into systems. They're a kind of cracker.
White hat hacker: Ethical hackers, sometimes known as "white hats," are sometimes referred to as "s Companies often employ or contract with them in order to ensure that their security measures are adequate.
Grey hat hacker: Combining elements of both white hats and black hats, grey hats are a hybrid kind of hacker. The hackers enter restricted areas of the network without authorisation. All they want to do is show off their abilities, thus they aren't evil. Since they don't ask for permission beforehand, their acts are still unlawful.
Someone who uses pre-made tools because they lack the skills of a hacker to create their own is called a "script kiddie."
Threat actors like hacktivists are hackers with a goal, whether political or social. A Distributed Denial of Service attack is a frequent tactic they use (DDoS). Their goal is paramount to them, and they are capable of collaborating with other hackers who share their outlook.
These threat actors are well-resourced and well-organized organisations that often get support from governments or other authoritative bodies when they carry out their malicious actions. The goal of most state-sponsored attacks is to get access to and steal a substantial quantity of sensitive information from major businesses.
Peril from Within: Insider Threats
Internal threat actors are those inside an organisation who purposefully or accidentally engage in hostile activities. They may, for example, unwittingly provide sensitive data to other parties or sell data to a third party that intends to exploit the data as part of a threat operation.
Due to the insider's position inside the system, identifying them as a potential danger is a challenging task. All of the information, along with all of their knowledge of internal procedures and workings, would be available to them. Because they are already within the network, security measures like firewalls have a hard time monitoring their behaviour.
- ethical hacker
- threat actors
- Black hat hacker
- grey hat hacker
- white hat hacker